[one-users] Strange behavior of ONE + EC2 API when using port forwaring
Javier Fontan
jfontan at gmail.com
Mon Aug 16 01:34:24 PDT 2010
Hello,
The problem is that every configuration value in the conf file is a
string and the code breaks because you are providing a number in that
variable, modify the line you have changed to:
@server_port="8188"
The proper way would be adding a port variable like SSL_SERVER but we
don't have that right now.
Starting the server changing the PORT in configuration file should
work, maybe you have some other daemon listening in that port, can you
verify that?
Bye
On Fri, Aug 13, 2010 at 10:44 AM, Christian Baun <cray at unix-ag.uni-kl.de> wrote:
> Hi Jaime,
>
> I erased the forwarding rules, changed the line in
> /srv/cloud/one/lib/ruby/cloud/econe/EC2QueryServer.rb
> and did a stop/start of econe-server.
>
> When I send a request for a list of instances now, the result is a huge ammount of output.
>
> ...
> boto.exception.BotoServerError: BotoServerError: 500 Internal Server Error
> <!DOCTYPE html>
> <html>
> <head>
> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
> <title>TypeError at /</title>
>
> <script type="text/javascript">
> //<!--
> function toggle(id) {
> var pre = document.getElementById("pre-" + id);
> var post = document.getElementById("post-" + id);
> var context = document.getElementById("context-" + id);
>
> if (pre.style.display == 'block') {
> pre.style.display = 'none';
> post.style.display = 'none';
>
> ...
> ### several hundred lines of output ###
> ...
> <tr>
> <td>sinatra.error</td>
> <td class="code"><div>#<TypeError: can't convert Fixnum into String></div></td>
> </tr>
>
> </table>
> <div class="clear"></div>
> </div> <!-- /RACK ENV -->
>
> <p id="explanation">You're seeing this error because you have
> enabled the <code>show_exceptions</code> setting.</p>
> </div> <!-- /WRAP -->
> </body>
> </html>
>
>
> The econe-server.log says:
>
> ...
> /var/lib/gems/1.8/gems/eventmachine-0.12.10/lib/eventmachine.rb:256:in `run'
> /var/lib/gems/1.8/gems/thin-1.2.7/lib/thin/backends/base.rb:57:in `start'
> /var/lib/gems/1.8/gems/thin-1.2.7/lib/thin/server.rb:156:in `start'
> /usr/lib/ruby/1.8/rack/handler/thin.rb:14:in `run'
> /usr/lib/ruby/1.8/sinatra/base.rb:930:in `run!'
> /usr/lib/ruby/1.8/sinatra/main.rb:25
> /srv/cloud/one/lib/ruby/cloud/econe/econe-server.rb:110
> 84.161.124.220 - - [13/Aug/2010 10:37:20] "GET /?AWSAccessKeyId=oneadmin&Action=DescribeInstances&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2010-08-13T08%3A37%3A01&Version=2010-06-15&Signature=Jp63548ALT6fTdJJTydhSoPaPU6Hj9X3xZZifGiEFyc%3D HTTP/1.1" 500 103926 0.0774
>
>
> Is there anything else, I can try?
>
> Regads,
> Christian
>
>
> Am Freitag, 13. August 2010 schrieb Jaime Melis:
>> Hi Christian,
>>
>> the way authentication works is by creating a "canonical string" which
>> includes the server port and matching it with your connection parameters.
>> Therefore if the port of the client differs from the one of the server it
>> will probably fail.
>>
>> Can you change line 77 of EC2QueryServer.rb:
>> @server_port=@config[:port] => @server_port=8188
>>
>> Can you test that? If that works we could create a fix using environment
>> variables.
>>
>> Regards,
>> Jaime
>>
>>
>>
>> On Thu, Aug 12, 2010 at 4:25 PM, Christian Baun <cray at unix-ag.uni-kl.de>wrote:
>>
>> > Hi,
>> >
>> > I try using the EC2 API with boto[1], a Python interface to Amazon Web
>> > Services.
>> > The oned and econe server are up an running.
>> >
>> > When I try to access the econe server via Port 4567, it is working without
>> > problems. I send a request for a list of instances and econe-server.log
>> > says:
>> >
>> > 84.161.122.172 - - [12/Aug/2010 16:17:30] "GET
>> > /?AWSAccessKeyId=oneadmin&Action=DescribeInstances&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2010-08-12T14%3A17%3A31&Version=2010-06-15&Signature=t9jOxhD3TYAmNCzDpuuFrsSDQ2BItvzDdJjNxGdoye8%3D
>> > HTTP/1.1" 200 1335 0.0377
>> >
>> > It simply works.
>> >
>> > The problem: For several reasons I need access to ONE via the EC2 API over
>> > port 8188.
>> >
>> > I did a port forwarding via:
>> > iptables -I INPUT -p tcp --dport 8188 -j ACCEPT
>> > iptables -I PREROUTING -t nat -i eth0 -p tcp --dport 8188 -j REDIRECT
>> > --to-port 4567
>> >
>> > the econe server can now be reached via 8188:
>> >
>> > telnet 141.52.167.35 8188
>> > Trying 141.52.167.35...
>> > Connected to 141.52.167.35.
>> > Escape character is '^]'.
>> >
>> > But when I send a request for a list of instances, the result is:
>> >
>> > boto.exception.EC2ResponseError: EC2ResponseError: 400 Bad Request
>> > <Response><Errors><Error><Code>AuthFailure</Code><Message>User not
>> > authorized</Message></Error></Errors><RequestID>0</RequestID></Response>
>> >
>> > and econe-server.log says:
>> >
>> > 84.161.122.172 - - [12/Aug/2010 16:20:24] "GET
>> > /?AWSAccessKeyId=oneadmin&Action=DescribeInstances&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2010-08-12T14%3A20%3A25&Version=2010-06-15&Signature=DRA%2BiKREW2MFyARp%2Bxk3JWKrFBFFnJldRISauZ%2Bz6cc%3D
>> > HTTP/1.1" 400 139 0.0042
>> >
>> > Is this a known issue?
>> >
>> > The econe.conf has this values:
>> > ONE_XMLRPC=http://localhost:2633/RPC2
>> > SERVER=141.52.167.35
>> > PORT=4567
>> > VM_TYPE=[NAME=m1.small, TEMPLATE=m1.small.erb]
>> > USER=...
>> > PASSWORD=...
>> > IMAGE_DIR=/srv/cloud/images
>> >
>> > When I change in econe.conf to Port 8188 and the server vaule to a FQDN the
>> > econe server is not starting. These are the only vaules that allow me to
>> > start the econe server.
>> >
>> > Any ideas?
>> >
>> > Thanks in advance for any help
>> >
>> > Christian
>> >
>> > [1] http://code.google.com/p/boto/
>> > _______________________________________________
>> > Users mailing list
>> > Users at lists.opennebula.org
>> > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>> >
>>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
--
Javier Fontan, Grid & Virtualization Technology Engineer/Researcher
DSA Research Group: http://dsa-research.org
Globus GridWay Metascheduler: http://www.GridWay.org
OpenNebula Virtual Infrastructure Engine: http://www.OpenNebula.org
More information about the Users
mailing list